Educause Security Discussion mailing list archives
Re: From Decentralized to Centralized
From: randy marchany <marchany () VT EDU>
Date: Thu, 19 Mar 2009 15:38:42 -0400
I haven't seen anyone suggest the following in their comments on this thread about "centralizing IT". I assume current action plans addresses these issues. 1. Leave the current IT positions at the depts but the funding for their positions comes from the central IT group. This solves a support problem that central IT has always had: no knowledge of how the individual business processes actually work. 2. Desktop mgt costs. Unless there's a massive replacement of PC, laptops and desktop servers with "thin" clients (whatever that is), there's still the question of managing the things. While Active Directory style mgt is nice and addresses this mgt problem, it's not applicable in all university settings. Central IT staff will have to support those outliers. This is particularly true in teaching and research labs where there are specialized computers that control lab equipment. 3. Virtualization plans. I'm sure current computer capacity at the central sites is not enough to support the added functions coming in from depts. Virtualization seems to be a way to provide this extra capacity at a reasonable cost. The market is somewhat young at the moment if not in the software technology then in the experience of the system administrators. The greyhairs who cut their teeth on old mainframe technology will now by back in demand. IBM VM system programmers, unite! You'll need a number of virtual host systems since you never want to put all critical functions on a single host system. 4. Security issues. It's easy to say that centralizing IT processes will increase security. However, point #1 shows that central IT doesn't know how the myriad departmental business processes work and that they will decide on one-size-fits-all approach that will be "efficient" from a management view but cumbersome in the office environment. Cumbersome procedures mean that people will circumvent them and that leads to a decrease in security. Yet, in order to get a good idea of how business processes actually DO their business requires a lot of time and $$ and most central IT orgs won't do that. So, we have an overall decrease in security. I'm not opposed to centralizing IT but there were valid reasons why decentralization happened. Things like not providing timely service, not being responsive to rapid changes, etc. forced the migration in the first place. -Randy
Current thread:
- From Decentralized to Centralized Sarazen, Daniel (Mar 19)
- <Possible follow-ups>
- Re: From Decentralized to Centralized Joel Rosenblatt (Mar 19)
- Re: From Decentralized to Centralized Ness, Carl J (Mar 19)
- Re: From Decentralized to Centralized Kathy Bergsma (Mar 19)
- Re: From Decentralized to Centralized Allison Dolan (Mar 19)
- Re: From Decentralized to Centralized Consolvo, Corbett D (Mar 19)
- Re: From Decentralized to Centralized Joel Rosenblatt (Mar 19)
- Re: From Decentralized to Centralized Jesse Thompson (Mar 19)
- Re: From Decentralized to Centralized randy marchany (Mar 19)
- Re: From Decentralized to Centralized Gary Bristol (Mar 19)
- Re: From Decentralized to Centralized Bowden, Zeb (Mar 19)